archive/zip in Go 1.16.x before 1.16.1 allows attackers to cause a denial of service (panic) upon attempted use of the Reader.Open API for a ZIP archive in which ../ occurs at the beginning of any filename.
References
Configurations
History
07 Nov 2023, 03:32
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 Dec 2022, 16:31
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202208-02 - Third Party Advisory |
04 Aug 2022, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Mar 2022, 14:27
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject fedora
Fedoraproject |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HM7U5JNS5WU66Q3S26PFIU2ITB2ATTQ4/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MU47VKTNXX33ZDLTI2ORRUY3KLJKU6G/ - Mailing List, Third Party Advisory |
25 Sep 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Sep 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Mar 2021, 14:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.5 |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:golang:go:*:*:*:*:*:*:*:* | |
References | (MISC) https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw - Mailing List, Vendor Advisory |
11 Mar 2021, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-03-11 00:15
Updated : 2023-12-10 13:41
NVD link : CVE-2021-27919
Mitre link : CVE-2021-27919
CVE.ORG link : CVE-2021-27919
JSON object : View
Products Affected
golang
- go
fedoraproject
- fedora
CWE